Manually setting up linux managed systems, Installing and configuring ssh – HP Systems Insight Manager User Manual

Table 3 HP SUM Linux network ports (continued)

Description

Ports

Updates are passed to the node and retrieved through an internal secure web server that uses
the first available port in the range of 63001-63002. This support allows iLO and VC firmware

Ports 63001–63002

updates without having to access the host server. It also allows servers running VMware or other
virtualization platforms to update their iLO without having to reboot their server or to migrate
their virtual machines to other servers.
Remote HP Integrity iLO and Superdome 2 updates require these ports to be open on systems
for network traffic in both directions to transfer firmware files.

These ports are FTP ports used to perform switch updates.

Ports 21 or
63006–63010

NOTE:

HP Integrity servers have management network and production interfaces. These are

usually kept on separate subnets during an installation. To perform full remote administration of
the server, access is required for both networks. If you keep both networks isolated, you must
perform management and operating systems tasks separately.

Procedure 5 Disabling security enhanced status for Linux targets and CMS

For SELinux (Security enhanced Linux), the http and https services must be part of a trusted service.
Otherwise, the service does not allow http/s communication.

To disable security enhanced status:
1.

Set the SESettings (Enforce, Permissive, and Disabled) to Permissive or Disabled.

2.

Restart the system for new settings to take effect.

Configuring agents remotely using Configure or Repair Agents:

1.

For Linux systems, select Install Linux PSP or ESX Agents.

2.

Click Next. The Step 3: Configure or Repair Agents page appears.

To install PSP/AMS in privilege elevation mode on Linux target systems using SIM CRA functionality,
all permissions for the "sudo" user must be explicitly set. To set the permissions, modify the etc/
sudousers

file on the target system.

Add the following text to the etc/sudousers file:

# User privilege specification

<Sudo_user> ALL=(ALL) ALL

Here, replace the sudo_user with the actual sudo user created.

Manually setting up Linux managed systems

Although chapters 4-7 explain how to finish configuring managed systems from the HP SIM GUI,
this section describes how to perform some of these same steps from the command line for Linux
systems. You do need to first supply credentials and discover the systems, as described in chapters
4 and 6. Then you can do the following actions from the command line, if desired.

Installing and configuring SSH

Procedure 6 Installing and configuring SSH on a Linux system

1.

Verify that SSH is installed on the managed system:

rpm -qa | grep ssh

If SSH is not installed, see your Linux provider for information about installing SSH.

Setting up Linux servers to be managed by HP SIM

33